Attackers target FortiOS: RCE vulnerability CVE-2024-21762 exploited in the wild

Teacher

Upgrade quickly; the attackers will not give you a head start.

Fortinet has published an advisory about a new critical vulnerability in the FortiOS SSL VPN which, according to the vendor, is potentially already being exploited in the wild.

The vulnerability, tracked as CVE-2024-21762 (Fortinet advisory FG-IR-24-015), is an out-of-bounds write in the FortiOS SSL VPN component that allows an unauthenticated remote attacker to achieve remote code execution (RCE) via specially crafted HTTP requests. Fortinet rates it 9.6 on the CVSS scale.

To eliminate the threat, the company recommends upgrading to the following fixed versions:
  • FortiOS 7.4: upgrade to 7.4.3 or later;
  • FortiOS 7.2: upgrade to 7.2.7 or later;
  • FortiOS 7.0: upgrade to 7.0.14 or later;
  • FortiOS 6.4: upgrade to 6.4.15 or later;
  • FortiOS 6.2: upgrade to 6.2.16 or later;
  • FortiOS 6.0: there is no fixed 6.0 release; migrate to a fixed release on a supported branch.

If an immediate upgrade is not possible, the vendor's workaround is to disable SSL VPN on affected FortiOS devices entirely; merely disabling web mode is not a valid workaround, and the device remains vulnerable until it is patched.
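As an added example (not part of the original post or of Fortinet's advisory), the following Python script turns the upgrade table above and the SSL VPN workaround into a check that can be run against two artefacts collected from a FortiGate: the output of `get system status` and a configuration backup. The sample status line and config fragments are constructed. The assumption that a backup omits default values, so that only an explicit `set status disable` under `config vpn ssl settings` counts as the workaround being applied, is mine and should be verified against your own backups; branches the post does not list (for example 7.6 or 5.x) are reported as not covered rather than guessed.

```python
import re

# Fixed releases per FortiOS branch, as listed in the post. A branch mapped to None
# has no fixed release on that branch (6.0: migrate to a fixed release elsewhere).
FIXED_RELEASES = {
    (7, 4): (7, 4, 3),
    (7, 2): (7, 2, 7),
    (7, 0): (7, 0, 14),
    (6, 4): (6, 4, 15),
    (6, 2): (6, 2, 16),
    (6, 0): None,
}

# 'get system status' prints a line such as
#   Version: FortiGate-100F v7.2.6,build1575,230914 (GA.F)
# Only the vX.Y.Z token is used.
VERSION_RE = re.compile(r"\bv(\d+)\.(\d+)\.(\d+)\b")


def parse_version(status_output):
    """Return (major, minor, patch) from 'get system status' output, or None."""
    m = VERSION_RE.search(status_output)
    return tuple(int(x) for x in m.groups()) if m else None


def vulnerable_to_cve_2024_21762(version):
    """True if version is below its branch's fixed release, False if fixed,
    None if the branch is not covered by the advisory text in the post."""
    branch = version[:2]
    if branch not in FIXED_RELEASES:
        return None
    fixed = FIXED_RELEASES[branch]
    if fixed is None:          # 6.0: every release on the branch is affected
        return True
    return version < fixed     # tuple comparison handles e.g. (7, 0, 9) < (7, 0, 14)


def sslvpn_disabled(config_text):
    """Check whether the workaround is applied in a FortiOS config backup.
    Assumption (not from the post): the backup omits defaults, so only an explicit
    'set status disable' inside 'config vpn ssl settings' means SSL VPN is off.
    Top-level 'set' lines precede nested sub-blocks, so stopping at the first 'end'
    is enough. Returns None if the block is missing from the backup."""
    m = re.search(r"^config vpn ssl settings\n(.*?)^end", config_text, re.S | re.M)
    if not m:
        return None
    return re.search(r"^\s*set status disable\b", m.group(1), re.M) is not None


def assess(status_output, config_text):
    """Combine the version check and the workaround check into one verdict."""
    version = parse_version(status_output)
    if version is None:
        return "unknown-version"
    vuln = vulnerable_to_cve_2024_21762(version)
    if vuln is None:
        return "branch-not-in-advisory"
    if not vuln:
        return "fixed"
    # Still vulnerable: only an explicitly disabled SSL VPN counts as mitigated.
    return "vulnerable-mitigated" if sslvpn_disabled(config_text) else "vulnerable-exposed"


# Constructed sample data (not captured from a real device).
SAMPLE_STATUS = "Version: FortiGate-100F v7.2.6,build1575,230914 (GA.F)\n"
SAMPLE_CONFIG_EXPOSED = """config vpn ssl settings
    set servercert "Fortinet_Factory"
    set port 10443
    set source-interface "wan1"
end
"""
SAMPLE_CONFIG_MITIGATED = """config vpn ssl settings
    set status disable
    set servercert "Fortinet_Factory"
    set port 10443
end
"""

if __name__ == "__main__":
    for cfg in (SAMPLE_CONFIG_EXPOSED, SAMPLE_CONFIG_MITIGATED):
        print(parse_version(SAMPLE_STATUS), assess(SAMPLE_STATUS, cfg))
```

The verdict "vulnerable-mitigated" is deliberately not "safe": a device on an affected build with SSL VPN disabled still needs the upgrade, and re-enabling SSL VPN before patching reopens the exposure.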

Fortinet's advisory does not say how the vulnerability was exploited or who discovered it.

The vulnerability was disclosed alongside other critical flaws, including CVE-2024-23108 and CVE-2024-23109 in FortiSIEM, but only CVE-2024-21762 is reported as actively exploited.

Earlier in February, Fortinet described Chinese state-sponsored actors, including the group known as Volt Typhoon, exploiting FortiOS vulnerabilities, and the Dutch intelligence services reported that a Chinese state actor had used a FortiGate vulnerability to deploy COATHANGER, a remote access Trojan, on a network of the Dutch armed forces.

Given the high severity of CVE-2024-21762 and the other newly disclosed flaws, the company strongly recommends updating affected devices as soon as possible.